- Documentation: https://segment.com/docs/config-api/
- Summary: Segment is a Customer Data Platform (CDP). It collects user events from web & mobile apps and provides a complete data toolkit to every team in the company. This detector aims at catching the keys associated to a workspace management.
- IPs allowlist: There is no IP allowlisting possible.
- Scopes: Three scopes are available for workspace API keys: read/write, read-only and read-only restricted to some sources.
Keys can be rotated or revoked on Segment's website.
There is currently no method to audit a key's usage.
Segment workspace key#
High recall: False
Validity check available: True
Only valid secrets raise an alert: True
Minimum number of matches: 1
Occurrences found for one million commits: 0.84
- type: FilenameBanlistPreValidator banlist_extensions: - css - html - lock - md - storyboard - xib banlist_filenames:  check_binaries: false- type: ContentWhitelistPreValidator patterns: - segment
- text: > segment token = d8ZxrEH5fq5dIt3I2MqBCihRpNyvV5Dasv6L_uJjHJE.P7m7-r-moL7wo6jF2IeiUFRcrZ87WIw0tAdNiw8R45I apikey: d8ZxrEH5fq5dIt3I2MqBCihRpNyvV5Dasv6L_uJjHJE.P7m7-r-moL7wo6jF2IeiUFRcrZ87WIw0tAdNiw8R45I